I have set up an AWS Transfer for SFTP Server, and would like it to only be accessed from listed IP addresses. Currently this is working fine when the Endpoint is set to "Public" and I have the Authentication Keys set up. I would like to set this up using a "VPC" Endpoint; any help will be appreciated. I have created an Endpoint VPC and have set up the subnets to access the internet. I have then added the IP address in the "Network ACL" to ALLOW or DENY, but this doesn't work.
Please advise on any further options.
When you switch to VPC Endpoint, you need to create an endpoint for it.
And when you create an endpoint, it requires you to specify the VPC & Subnets & Security Groups.
So in order to allow a set of specific IP addresses, you need to whitelist them in those Security Groups.
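The security group approach from the answer, as an added example that is not part of the original post: it builds TCP 22 ingress rules from an allow list and flags existing rules that still expose SFTP to other sources. The function names and sample addresses are assumptions made for illustration; the rule dictionaries follow the `IpPermissions` shape used by the EC2 API.

```python
import ipaddress

SFTP_PORT = 22
# Constructed sample values (RFC 5737 documentation ranges), not from the post.
ALLOWED = ["203.0.113.10", "198.51.100.0/24"]
# Constructed sample in the shape of a security group's IpPermissions list.
EXISTING_RULES = [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "203.0.113.10/32"}, {"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
]


def build_sftp_ingress(allowed):
    """Build IpPermissions that open TCP 22 to the listed IPv4 sources only."""
    ranges = []
    for entry in allowed:
        net = ipaddress.ip_network(entry, strict=False)  # bare IP becomes /32
        if net.version != 4:
            raise ValueError(f"this example handles IPv4 only: {entry}")
        if net.prefixlen == 0:
            raise ValueError("0.0.0.0/0 would defeat the allow list")
        ranges.append({"CidrIp": str(net), "Description": "SFTP allow list"})
    return [{"IpProtocol": "tcp", "FromPort": SFTP_PORT,
             "ToPort": SFTP_PORT, "IpRanges": ranges}]


def find_excess_sftp_access(ip_permissions, allowed):
    """Return source CIDRs that can reach port 22 but are outside the list."""
    allowed_nets = [ipaddress.ip_network(a, strict=False) for a in allowed]
    excess = []
    for perm in ip_permissions:
        proto = perm.get("IpProtocol")
        lo, hi = perm.get("FromPort", 0), perm.get("ToPort", 65535)
        if not (proto == "-1" or (proto == "tcp" and lo <= SFTP_PORT <= hi)):
            continue  # rule does not cover SFTP
        for rng in perm.get("IpRanges", []):
            net = ipaddress.ip_network(rng["CidrIp"])
            if not any(net.subnet_of(a) for a in allowed_nets
                       if a.version == net.version):
                excess.append(rng["CidrIp"])
    return excess


if __name__ == "__main__":
    print(build_sftp_ingress(ALLOWED))
    print("remove:", find_excess_sftp_access(EXISTING_RULES, ALLOWED))
```

The list returned by `build_sftp_ingress` can be passed as `IpPermissions` to boto3's `authorize_security_group_ingress` for the security group attached to the endpoint. Security groups hold allow rules only, so any CIDR reported by `find_excess_sftp_access` has to be revoked rather than denied.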